 So anytime you're starting out in security or you just want to take a look at the network NMAP is really the go-to tool that's bundled with everything, you know, it's cross-platform and it's a really great way to start assessing everything on a network. And I've done a review before of ZenMap, which is a GUI front-end for NMAP and it's nice because it produces nice XML reports, it has, you know, a few nice features. And then I just ran across this tool, which is called NMAP GUI, and it does things a little bit different. So it's not like ZenMap, instead this is a Java server that requires that you have NMAP installed on your system and then you can run it as a web interface. So what we did is I went through here and I'll leave a link to the GitHub page to the project in here. A couple of features it does have, multiple parallel commands, pretty cool. Options menu, automatic HTML report, a really pretty interface, yeah, okay, he's right that ZenMap isn't maybe the most pretty interface. Graph outputs, unnecessary tabs and menus and installer versus portable. So pretty cool, we'll get it right into using it. I did like the little chart that he made here for ZenMap versus NMAP GUI. So it's always good to run it and I am going to run this as root so I get all the trace route goodness features and the full NMAP experience. So you just do sudo java dash jar NMAP GUI and it's version 0.4 is what we're going to now and he said add the dash dash trace route option to make sure all the trace routing works inside of this. So that starts up this little menu that just popped up on my other screen. And then we're actually going to go hit start and this actually starts the web server. And from here we hit go or just you can go to local host 8080 NMAP and we're going to get started with showing how it works. So here's the GUI it's running at local host 8080 non SSL for anyone wondering that so I didn't have to deal with any security warning it just binds to local host I don't believe it binds to my local IP. Okay it does bind to my local IP so that's interesting and I can confirm you can get to it from elsewhere on the network. So be careful when you're running this because obviously it opens your computer up directly to it so there's a thought there suddenly your computer becomes the web server NMAP but I guess it's also opens up other options of being able to run this on another box and accessing it from another. So that maybe a security concern maybe he's got an option it'll bind it specifically to one IP address so you don't expose yourself on there. But apparently it opens up and opens up a port there so if you're running it as route like I am it does I didn't run a route port 80 wouldn't be exposed so but if you want NMAP to work properly you're going to run it as route. Let's go ahead and get into the scans. So it works like the command line does for NMAP. So you put in the NMAP which is already there and then you just add the command line options on there. This is where it gets kind of neat because it'll do things in parallel. So here it is running on that one and while that's running and it already completed before I jumped over here we can run another one and actually then we're going to go ahead and run a map dash. Whoops I want to type the command each time you see using the command line and we'll run one to Google over here. Now what I'm doing is if you can see this one's still spinning so it's always running this one spinning and this one completed over here. So this dropped a bunch of information and it was a quick ping sweep but here's where it gets kind of cool. This is your usual NMAP output and here is an HTML output. So you get this really nice HTML which you can copy and paste and start making reports out of that look pretty nice. I kind of like this as a feature. It also has graphing on here like you did in ZenMap so you can see where you are in relation to it and I scan my local network so I'm in the center and then everything else is around there. So each one of the IP address get fine but let's look at the one where we're running the TraceShot here and see if that's done. It actually draws out the TraceShot. I'm just going to mouse zoom in and out so me here here here here and you can then look at each hop all along the way. Same with the HTML output so I found out what it could find on Google based on the parameters I put in and it's pretty slick. So here's the discovered ports and things like that I did on this server which is our free NAS box on the same local network. So we're going to drop that to HTML and look how nice these reports look. Just really slick. I this is kind of a cool front end there. So potential OS matches Sony PlayStation, McAfee. These are the different OS detections that did on the ports on there. So it's, you know, I guess it's the same end map that they have on here and you can see actually a contact name for commenting for the self-signed certificate that we have for it. So everything's in a nice very presentable format which I think is pretty slick. You can then minimize each of these so we can do this and minimize that. So if you're doing comparison to reports, here's the command and you can just expand back out each one. And if you're done with it, you can simply kill it. Now the other thing this has an option to is a little save icon here so I can click save and it just downloaded an XML report. So I can have a nice XML copy right saved to my computer for that scan I did. This is pretty slick. It's easily portable. Yeah, I'm running Java open source, which of course is great. And it's on GitHub and it's really nice. Now these are some informational things on the side here. They don't really, they're not functional, they're just informational. So if you want to know like how to do something like how I do a port range, how to do run the scripts. These are just some tools and things you can actually just copy and paste. Version intensity, all ports or like a host file, host in range. It's just all informational stuff, but it's got a really nice interface. And it's simple front end to end map. It's not a real complicated project. There's not much more to show you here, but definitely kind of nice. I like the HTML outputs. There's something we do when we go into a lot of clients. We go in there and we have to assess what in the world is on their network when we pick up a new client or making scans and finding all the devices so we can start documenting and labeling and creating a whole assessment of them. And then map is still the go to tool for this. And having a nice HTML report come out of it without having to parse through anything or from the command line. I really like this. So pretty slick tool. I'm going to add it to my list of things that I like in tools and such. But I want to get a quick overview on it. Not so sure I like the fact that it automatically binded to my main IP address. I kind of wish it stayed strictly to localhosts because that's kind of a security concern because other people can run it. But then again, you know, that's probably easily changed. It's open source. People can go to the code and probably find a way to bind it only to localhosts and make some modifications. So anyways, if you like the content here, like, subscribe. Thanks for watching.